NewsBite

Medibank data leak hits six million former customers

Medibank has confirmed nearly six million former customers have had their data exposed in its recent breach - with 9.7million total people impacted by the incident.

Sarah IsonSarah Ison
@@sarsison
less than 2 min read
9:12AMNovember 07, 2022.
Updated 9:44AMNovember 07, 2022
Print
Nearly 10million Australians have had their data exposed by a recent leak at Medibank. Picture: NCA NewsWire / David Swift
Nearly 10million Australians have had their data exposed by a recent leak at Medibank. Picture: NCA NewsWire / David Swift

Medibank has confirmed almost six million former customers have had their data exposed by the breach last month and that it will commission an external review of the incident.

The health insurer last month confirmed the hacker had access to the personal information of all 3.9 million of its current customers, which included names, dates of birth, some Medicare numbers and details about their health conditions and treatments.

But Medibank today revealed the total number of customers affected was 9.7 million, with 5.8 million of those being former customers of the insurer.

Chief executive David Koczkar said ransoms demanded by the criminals who had access to the data would not be paid.

“Based on the extensive advice we have received from cybercrime experts, we believe there is only a limited chance paying a ransom would ensure the return of our customers’ data and prevent it from being published,” he said in a statement.

“In fact, paying could have the opposite effect and encourage the criminal to directly extort our customers, and there is a strong chance that paying puts more people in harm’s way by making Australia a bigger target.”

Medibank risks multi-million dollar loss

Medibank also updated the breadth of information stolen, which included health claims for around 160,000 Medibank customers, 300,000 ahm customers and 20,000 international customers, which included the name of the service providers they used and location of where they received treatment.

A further 5,200 My Home Hospital patients, who receive care in their homes, had some personal and health claims data accessed and about 2,900 next of kin of these patients had contact details accessed.

Medibank confirmed no credit card or banking details had been exposed.

“Given the nature of this crime, we now believe that all of the customer data accessed could have been taken by the criminal,” the health insurer said in a statement.

More Coverage

Medibank ‘will not pay cyber ransom’
Jared Lynch, Sarah Ison, David Swan
Will anything change after the Medibank hack?
TANSY HARCOURT
Medibank Private Ltd shares down Friday, underperforms the Financials sector
Sayee Shree Ravi Sankar
ASX closes up; Medibank stocks among top risers
David Rogers, Valerina Changarathil, Hayden Johnson
Read related topics:Medibank
Sarah Ison
Sarah IsonPolitical Reporter

Sarah Ison is a political reporter in The Australian's Canberra press gallery bureau, where she covers a range of rounds from higher education to social affairs. Sarah was a federal political reporter with The West Australian's Canberra team between 2019 and 2021, before which she worked in the masthead's Perth newsroom. Sarah made her start in regional journalism at the Busselton-Dunsborough Times in 2017.

Sarah Ison

Add your comment to this story

To join the conversation, please Don't have an account? Register

Join the conversation, you are commenting as Logout

More related stories

Original URL: https://www.theaustralian.com.au/news/medibank-data-leak-hits-six-million-former-customers/news-story/0b493d40d3cabcd8ed1119f038d8aa96